1 like 0 dislike
64 views
HOW TO SETUP WEBRTC or WebRTC based webphone for Vicidial
in Education & Reference by (2.8k points) | 64 views

1 Answer

0 like 0 dislike

Vicidial Webphone WEBRTC - Asterisk 13.21

For SSL you will need buy the service from eg: namecheap.com and to generate CSR, please follow the below URL

http s://decoder.link/csr_generator/

It will provide you CSR and Private Key for the specific domain you want to use

Asterisk configuration

Enable and configure embedded asterisk web server.
Open /etc/asterisk/http.conf

Make sure you have following options congifured

[general]
enabled=yes
; Address to bind to, both for HTTP and HTTPS. You MUST specify
; a bindaddr in order for the HTTP server to run. There is no
; default value.
bindaddr=
bindport=8088
tlsenable=yes ; enable tls - default no.
tlsbindaddr=:8089 ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/path/to/your/certificate.pem ; path to the certificate file (.pem) only.
tlsprivatekey=/path/to/your/privkey.pem ; path to private key file (
.pem) only.

; To produce a certificate you can rename .crt to .pem and rename .key to .pem

Configure chan_sip
1.Open /etc/asterisk/sip.conf
Add following lines
realm=
transport=udp,ws,wss
avpf=yes
srvlookup=yes

httpd configuration

1.configure httpd to use ssl certificates.
open vi /etc/httpd/conf.d/ssl.conf

SSL Engine Switch:

Enable/Disable SSL for this virtual host.

SSLEngine on

change patch to certificates

 #   Server Certificate:
 #   Point SSLCertificateFile at a PEM encoded certificate.  If
 #   the certificate is encrypted, then you will be prompted for a
 #   pass phrase.  Note that a kill -HUP will prompt again.  Keep
 #   in mind that if you have both an RSA and a DSA certificate you
 #   can configure both in parallel (to also allow the use of DSA
 #   ciphers, etc.)

 SSLCertificateFile /path/to/your/cert.pem

or
SSLCertificateFile /path/to/domain.crt

 #   Server Private Key:
 #   If the key is not combined with the certificate, use this
 #   directive to point at the key file.  Keep in mind that if
 #   you've both a RSA and a DSA private key you can configure
 #   both in parallel (to also allow the use of DSA ciphers, etc.)
 SSLCertificateKeyFile /path/to/your/privkey.pem

or
SSLCertificateFile /path/to/domain.key

 #   Server Certificate Chain:
 #   Point SSLCertificateChainFile at a file containing the
 #   concatenation of PEM encoded intermediate CA
 #   certificates which form the certificate chain for the
 #   server certificate. Alternatively the referenced file
 #   can be the same as SSLCertificateFile when the CA
 #   certificates are directly appended to the server
 #   certificate for convinience.
 #   SSLCertificateChainFile /path/to/your/fullchain.pem
  1. Force all connections to be secure

open /etc/httpd/conf/httpd.conf
add following

    NameVirtualHost *:443
    ServerAdmin *Emails are not allowed*
    ServerName domain.com
    DocumentRoot /var/www/html/
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/domain.crt
    SSLCACertificateFile /etc/httpd/ssl/domain.ca-bundle
    SSLCertificateKeyFile /etc/httpd/ssl/domain.key


 RewriteEngine On
 RewriteCond %{HTTP S} off
 RewriteRule (.*) http s://%{HTTP_HOST}%{REQUEST_URI}
 ServerAdmin *Emails are not allowed*
 DocumentRoot /var/www/html/
 ServerName domain.com
 ServerAlias domain.com
 ErrorLog /var/www/html/error.log

  1. Restart httpd

systemctl restart httpd

Vicidial configuration

Configure Web phone URL
In vicidial ADMINISTRATION page change Admin->System Settings->Webphone URL: to PBXWebPhone/index.php OR viciphone/viciphone.php
Specify Web Socket URL:
Admin->Servers->-> Web Socket URL: to "wss://:8089/ws"
Enable Web phone in phone config
In vicidial ADMINISTRATION page change Admin->Phones->"Set As Webphone" to "Y"
Add ssl configuration to phone config
In vicidial ADMINISTRATION page go to Admin->Phones
Select Template ID: SIP_generic
Add following config to Conf Override:
``ini

avpf=yes
encryption=yes
icesupport=yes
avpf=yes
nat=comedia
directmedia=no 
dtlsenable=yes
dtlsverify=no 
dtlscertfile=/path/to/your/cert.pem  
dtlsprivatekey=/path/to/your/privkey.pem  
dtlssetup=actpass 

``
NOTE: Change /patch/to/your/*.pem to correct path on your server

TO Debug:

asterisk -vvvr

http show status

OUTPUT

HTTP Server Status:
Prefix:
Server: Asterisk/13.21.0-vici
Server Enabled and Bound to 1.1.1.1:8088

HTTPS Server Enabled and Bound to 1.1.1.1:8089

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/phoneprov/... => Asterisk HTTP Phone Provisioning Tool
/static/... => Asterisk HTTP Static Delivery
/ari/... => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket

Enabled Redirects:
None.

and open

http s://IP:8089/ws

OUTPUT

Upgrade Required
Asterisk/13.21.0-vici

and websocket live debug

Open http s://IP/agc/PBXWebPhone/test.php

OUTPUT

Should show iframe

Alternate Phono is VICIPHONE

put the content of source into agc or mkdir webphone and put it in the source file as above we mentioned the path in Webphone URL

by (1.4k points)
0 0
<VirtualHost *:80>
     RewriteEngine On
     RewriteCond %{HTTPS} off
     RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    ServerAdmin *Emails are not allowed*
     DocumentRoot /var/www/html/
     ServerName domain.com
     ServerAlias domain.com
     ErrorLog /var/www/html/error.log
</VirtualHost>

Related questions

1 like 0 dislike
1 answer
0 like 0 dislike
1 answer
2 like 0 dislike
0 answers
asked May 31 in Education & Reference by Marc (2.8k points) | 36 views
2 like 0 dislike
2 answers
asked May 30 in Education & Reference by john (160 points) | 54 views
0 like 0 dislike
1 answer
1 like 0 dislike
1 answer
asked Jan 4, 2018 in Education & Reference by Simmi (630 points) | 185 views
2 like 0 dislike
1 answer
asked Nov 29, 2017 in Education & Reference by Sam (1.4k points) | 1.3k views
1 like 0 dislike
1 answer
0 like 0 dislike
1 answer
0 like 0 dislike
0 answers
asked Jun 13, 2018 in Education & Reference by Sam (1.4k points) | 73 views

Where your donation goes
Technology: We will utilize your donation for development, server maintenance and bandwidth management, etc for our site.

Employee and Projects: We have only 15 employees. They are involved in a wide sort of project works. Your valuable donation will definitely boost their work efficiency.

How can I earn points?
Awarded a Best Answer 10 points
Answer questions 10 points
Asking Question -20 points

1,226 questions
1,372 answers
559 comments
2,099 users